Sector brief for 2018-10-03

HEALTHCARE

1. Women in Information Security: Pam Armstrong
2. Gwinnett Medical Center Investigates Possible Data Breach
3. Gwinnett Medical Center investigates possible data breach
4. TA18-276B: Advanced Persistent Threat Activity Exploiting Managed Service Providers
5. Ransomware operators breach 40.000+ records from Fetal Diagnostic Institute of the Pacific

TRANSPORT

6. Ransomware Hits Port of San Diego

BANKING & FINANCE

7. Hidden Cobra APT used the new ATM cash-out scheme FASTCash to hit banks worldwide
8. 3 types of attacks with ransomware: Cyber-theft, extortion, and sabotage
9. FireEye unmasks a new North Korean threat group
10. APT38: Details on New North Korean Regime-Backed Threat Group
11. Banking trojans, not #ransomware, are the biggest threat to the enterprise now.
12. Labeless Part 5: How to Decrypt Strings in Boleto Banking Malware Without Reconstructing Decryption Algorithm.
13. TA18-276B: Advanced Persistent Threat Activity Exploiting Managed Service Providers
14. Ransomware operators breach 40.000+ records from Fetal Diagnostic Institute of the Pacific
15. Weekly Threat Briefing: Cobalt Threat Group Serves Up SpicyOmelette Fresh Bank Attacks
16. New Danabot Banking Malware campaign now targets banks in the U.S.
17. 100,000-Plus Home Routers Hijacked in Campaign to Steal Banking Credentials
18. GhostDNS hijacked 100,000 router traffic directed to phishing sites
19. Dark Web Malware Builder Allow Attackers To Create Malware That Steals Passwords & Credit Card Data
20. IDG Contributor Network: Will your company be valued by its price-to-data ratio?
21. Z-LAB Report – Analyzing the GandCrab v5 ransomware
22. Bank Servers Hacked to Trick ATMs into Spitting Out Millions in Cash
23. North Korean HIDDEN COBRA Hackers Using New Attack Called “FASTCash” to Cash-out From ATM Machine
24. New Betabot campaign under the microscope
25. Enormous botnet used to hijack traffic destined for Brazilian banks
26. BYOB – Build Your Own Botnet
27. What is the future of authentication? Hint: It’s not passwords, passphrases or MFA
28. Norton by Symantec Urges Consumers to Help Protect Their Personal Data
29. DanaBot Observed in Large Campaign Targeting U.S. Organizations

INFORMATION & TELECOMMUNICATION

30. Virus Bulletin 2018: Microsoft’s Lambert on How Cloud is Changing Security
31. The ultimate fallout from the Facebook data breach could be massive
32. Phishing gets more complex as decoy PDF pops up with Microsoft-issued SSL certificate
33. Instagram accounts frozen with ransomware | Avast
34. Instagram accounts frozen with ransomware | Avast
35. Vulnerability Spotlight: Google PDFium JBIG2 Image ComposeToOpt2WithRect Information Disclosure Vulnerability
36. Do you know the top myths and facts of #mobile #phishing? If not, don't worry, we've compiled a list of
37. Google Taking New Steps To Prevent Malicious Chrome Extensions
38. Instagram Used as Marketplace to Sell Stolen Fortnite Accounts and Botnets
39. 18 Vulnerabilities Found in Foxit PDF Reader
40. Phishing Attack Impersonates Law Firm
41. Phishing Attack Uses Azure Blob Storage to Impersonate Microsoft
42. Hacked Fortnite accounts and rent-a-botnet being pushed on Instagram
43. 18 Vulnerabilities Found in Foxit PDF Reader
44. TA18-276B: Advanced Persistent Threat Activity Exploiting Managed Service Providers
45. Phishing Attack Impersonates Law Firm
46. TA18-276A: Using Rigorous Credential Control to Mitigate Trusted Network Exploitation
47. Facebook Reveals That Trio of Bugs Led to Data Breach
48. Weekly Threat Briefing: Cobalt Threat Group Serves Up SpicyOmelette Fresh Bank Attacks
49. New Danabot Banking Malware campaign now targets banks in the U.S.
50. GhostDNS hijacked 100,000 router traffic directed to phishing sites
51. Recipe Unlimited denies ransomware attack, despite alleged ransom note
52. IDG Contributor Network: Will your company be valued by its price-to-data ratio?
53. Introducing... THE HUNT: A Cyber Attack in the Process Industry
54. Vulnerability Spotlight: Google PDFium JBIG2 Image ComposeToOpt2WithRect Information Disclosure Vulnerability
55. Researchers associated the recently discovered NOKKI Malware to North Korean APT
56. .@Lookout’s @VijayaKaza is at @FedNewsRadio’s studio recording with @gschumm!
57. Hackers Use Instagram For Selling Stolen ‘Fortnite’ Accounts And Botnets
58. CyberSecurity Asean security alert on A Vulnerability in Microsoft Windows JET Database Engine Could Allow for Remote Code Execution
59. Preventing and Detecting Malicious Insiders
60. Facebook faces legal actions after data breach
61. Enormous botnet used to hijack traffic destined for Brazilian banks
62. The @activereach guide to #DDoS, is aimed at technically aware business people who do not necessarily have a background in
63. Norton by Symantec Urges Consumers to Help Protect Their Personal Data
64. In 1999, AV-TEST reported that there were 98,428 total unique malware samples. Today, AV-TEST registers over 350,000 new pieces of
65. Heipparallaa! Uudessa jaksossamme sivuutamme ajankohtaiset aiheet ja keskitymme puhumaan @japi999 ja @ekoivune kanssa tietoturva-asiantuntijuudesta. Bonusvieraana tällä kertaa OpSecin sijaan @Larppa1337!

FOOD

Nothing to report

WATER

Nothing to report

ENERGY

66. TA18-276B: Advanced Persistent Threat Activity Exploiting Managed Service Providers
67. Weekly Threat Briefing: Cobalt Threat Group Serves Up SpicyOmelette Fresh Bank Attacks

GOVERNMENT & PUBLIC SERVICE

Nothing to report